Legal claims defining the scope of protection, as filed with the USPTO.
2. The information handling system of claim 1, wherein the first non-transitory computer-readable media is a Serial Peripheral Interface flash storage device.
3. The information handling system of claim 1, wherein the cryptoprocessor is implemented in accordance with a Trusted Platform Module specification.
4. The information handling system of claim 1, the virtual BIOS engine further configured to extend measurements of the firmware payload into a configuration register of the cryptoprocessor after measuring the firmware payload, such that the configuration register includes a signature of an old firmware image to be replaced and the firmware payload.
5. The information handling system of claim 4, the virtual BIOS engine further configured to perform a quote of a configuration register.
6. The information handling system of claim 5, wherein the virtual BIOS engine is further configured to commit a new firmware image to the first non-transitory computer-readable media in response to verifying information stored in the configuration register relating to the old firmware image to be replaced and the firmware payload.
7. The information handling system of claim 1, wherein the isolated compute domain is instantiated on a securely-isolated hybrid processing core of the processor.
9. The method of claim 8, wherein the first non-transitory computer-readable media is a Serial Peripheral Interface flash storage device.
10. The method of claim 8, wherein the cryptoprocessor is implemented in accordance with a Trusted Platform Module specification.
11. The method of claim 8, wherein the virtual BIOS engine is further configured to extend the firmware payload into a configuration register of the cryptoprocessor after measuring the firmware payload, such that the configuration register includes a signature of an old firmware image to be replaced and the firmware payload.
12. The method of claim 11, the virtual BIOS engine further configured to perform a quote of a configuration register.
13. The method of claim 12, wherein the virtual BIOS engine is further configured to commit a new firmware image to the first non-transitory computer-readable media in response to verifying information stored in the configuration register relating to the old firmware image to be replaced and the firmware payload.
14. The method of claim 8, wherein the isolated compute domain is instantiated on a securely-isolated hybrid processing core of the processor.
16. The article of claim 15, wherein the first non-transitory computer-readable media is a Serial Peripheral Interface flash storage device.
17. The article of claim 15, wherein the cryptoprocessor is implemented in accordance with a Trusted Platform Module specification.
18. The article of claim 15, the virtual BIOS engine further configured to extend the firmware payload into a configuration register of the cryptoprocessor after measuring the firmware payload, such that the configuration register includes a signature of an old firmware image to be replaced and the firmware payload.
19. The article of claim 18, the virtual BIOS engine further configured to perform a quote of the configuration register.
20. The article of claim 19, wherein the virtual BIOS engine further is configured to commit a new firmware image to the first non-transitory computer-readable media in response to verifying information stored in the configuration register relating to the old firmware image to be replaced and the firmware payload.
21. The article of claim 15, wherein the isolated compute domain is instantiated on a securely-isolated hybrid processing core of the processor.
Unknown
August 27, 2024
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.